For a visual walk‑through, see the @steelcon.info livestream recording: youtu.be/wxu1axAdPhw?...
I am very proud of this h1 achievement!
Dive into WebSocket Turbo Intruder 2.0 - fuzz at scale, automate complex multi-step attacks, and exploit faster.
The blog post is live! Read it here:
portswigger.net/research/web...
The Fragile Lock: Novel Bypasses for SAML Authentication will premiere this Wednesday at 10:20 at Black Hat Europe! I'll show you how to chain XML parser quirks to achieve complete authentication bypasses on multiple popular libraries #BHEU @blackhatevents.bsky.social
WebSocket security testing is so painful that this ever -expanding attack surface is largely overlooked. Learn how to dive where others fear to tread with WebSocket Turbo Intruder.
Join me live on Sept 17 at 4PM (GMT+1)
discord.gg/portswigger?...
I’m excited to announce that I’ll be presenting The Fragile Lock: Novel Bypasses for SAML Authentication at Black Hat Europe! In this talk, I’ll show how I was able to continuously bypass security patches to achieve complete auth bypass for major libraries. #BHEU @blackhatevents.bsky.social
We've just published a novel technique to bypass the __Host and __Secure cookie flags, to achieve maximum impact for your cookie injection findings: portswigger.net/research/coo...
I love discrepancies so much that I decided to introduce them to my nickname too @d4d89704243.bsky.social →
@zakfedotkin.bsky.social
Because why be consistent when you can keep people guessing?
Thrilled to announce: I’ll be presenting a major new version of WebSocket Turbo Intruder at Black Hat Arsenal 2025! This open-source toolkit makes high-speed, advanced WebSocket attacks practical and painless.